Can't Turn Firewall On

[Nerwin]

So heres my problem:

I have a Computer with Windows XP Pro installed and I want to turn the Firewall on, But it wont let me turn it on. It keeps saying that Group Policy prevents you from turning the firewall on or any other security option, such as the Automatic Updates. However, I am the administrator, I am the only user on this system.

I have no idea why its doing this, anyone have any ideas?

Thanks in Advance!

[IcemanND]

I've seen a few things cause this, malware, third party security software, or a local group policy set, or the associated services being disabled or missing.

[Nerwin]

Well the system was previously used at a business, So I don't know if they messed with the local security policy or not. And I even checked all of that and I can't find anything. Plus I have no idea what to look for.

[IcemanND]

you can check the local group policies: start -> run -> gpedit.msc

check under

Local computer policy\Computer Configuration\Administrative Templates\Network\Network Connections\Windows Firewall

Will have both domain and standard profile settings there, windows updates are under

Local computer policy\Computer Configuration\Administrative Templates\Windows Components\Windows Update

By default the majority of the settings default to Not configured.

If the machine was is on the domain still for some reason it may have domain policies being set to do that in which case the option to change these settings will be grayed out.

[Nerwin]

Well I checked all those settings and they all say "Not Configured"

This machine was on a Domain. And I changed it my workgroup at home.

[TheFlash428]

Start --> Run... --> "rsop.msc"

This will bring the up the "resultant set of policy" and should tell you which group policy settings have been configured, as well as which policy is enforcing the setting (local, domain, etc...)

[Nerwin]

Cool, But I still don't know what to look for that would be causing this.

[James_A]

... I still don't know what to look for ...

The actual Policy (IIRC) is called "Protect all network connections"

Also, have you looked in the Registry at:

HKEY_LOCAL_MACHINE \ SOFTWARE \ Policies \ Microsoft \ WindowsFirewall

or

HKEY_CURRENT_USER \ SOFTWARE \ Policies \ Microsoft \ WindowsFirewall

?

[Nerwin]

Well I checked those registry entry's And all the values were set to 0 so I set them to 1 and all it did is force the firewall on. Which is alright I guess but It is still grayed out. I know its gotta be something to do with the policy.

[James_A]

Have you now resolved this, Nerwin?

I was hoping that someone with a bit more experience would come back on this topic, but apparently not, so here's my opinion...

Well I checked those registry entry's And all the values were set to 0 so I set them to 1 and all it did is force the firewall on.

If those registry entries exist and are set to 0 then some form of Group Policy set them. Group Policy is enforced at logon by winlogon.exe and at regular intervals whilst Windows is running. If it is still in effect, then you should find the registry values have been reset to 0 again.

Files involved locally are ntuser.pol (in %allusers%) and also ntuser.pol in all individual user profiles. Also under two folders under the WINDOWS\system32\GroupPolicy folder you will find two registry.pol files.

The Administrative Templates extension of Group Policy saves information in the Group Policy template in Registry.pol files. These files contain the customized registry settings that you specify (by using the Group Policy snap-in) to be applied to the Machine (HKLM) or User (HKCU) portion of the registry.

(From: http://www.microsoft.com/technet/prodtechn...a_dcm_rhwh.mspx)

My suggestion is to axe all those .pol files. (At least 2x ntuser.pol and 2x registry.pol.) You might need to boot up under something else to kill them, since the OS will normally be hanging on to them.

Which is alright I guess but It is still grayed out.

WHAT is grayed out?

.